# -*- coding: utf-8 -*-
# @Author : HaleShi
# @Time : 2023-06-28
# @File : 10_complete.py

import json
import base64
import hashlib
import requests

from urllib.parse import quote_plus
import frida
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad

# USERNAME = input("请输入您的手机号码:\n")
USERNAME = "17602167906"
# PASSWORD = input("请输入您的密码:\n")
PASSWORD = "123456"
androidid = "9b030266fede4c4a"
wifi_mac = "96:C2:9F:2E:3E:FF"


def gen_device():
    # 明文：null9b030266fede4c4ataimengooglearm64-v8ataimenQQ3A.200805.001abfarm-01330QQ3A.200805.001GooglePixel 2 XLtaimenrelease-keysuserandroid-build96:C2:9F:2E:3E:FF02:00:00:00:00:00
    # 一开始抓包device 3e56104c8b41fc4db7a72972e298fa711bf0135e
    # 后来抓包的device 1c23fdb2860abc71560074db1d2b4b7673dc02e7
    '''
    str1 = 设备ID（可随机、可为空） null
    str3 = 安卓ID（可随机） 9b030266fede4c4a
    str2 = 手机平台等各种信息
    str4 = wifi MAC
    str5 = 蓝牙MAC
    :return:
    '''
    str1 = "null"
    str3 = androidid
    str2 = "taimengooglearm64-v8ataimenQQ3A.200805.001abfarm-01330QQ3A.200805.001GooglePixel 2 XLtaimenrelease-keysuserandroid-build"
    str4 = "96:C2:9F:2E:3E:FF"
    str5 = "02:00:00:00:00:00"
    data_string = str1 + str3 + str2 + str4 + str5

    # sha1加密
    hash_object = hashlib.sha1()
    hash_object.update(data_string.encode('utf-8'))
    device = hash_object.hexdigest()
    return device


DEVICE = gen_device()


def gen_Query():
    Query_String = {
        "device": DEVICE,
        "ver": "630",
        "screen_width": "1440",
        "screen_height": "2712",
        "model": "Pixel+2+XL",
        "sdkver": "29",
        "platform": "android",
        "releasever": "10",
        "channel": "360",
        "latt": "0",
        "lngt": "0",
        "networkType": "0",
        "token": "",
        "userStatus": "0 HTTP/1.1"
    }

    datalist = []
    for k, v in Query_String.items():
        ele = f"{k}={v}"
        datalist.append(ele)
    result = "&".join(datalist)

    headers = "&".join([f"{key}={Query_String[key]}" for key in Query_String.keys()])
    return headers


def gen_crype_password(PASSWORD):
    KEY = "b83fbe800858d800"
    IV = "yoloho_dayima!%_"
    password = PASSWORD

    aes = AES.new(
        key=KEY.encode('utf-8'),
        mode=AES.MODE_CBC,
        iv=IV.encode('utf-8')
    )
    raw = pad(password.encode('utf-8'), 16)
    res = base64.b64encode(aes.encrypt(raw)).decode("utf-8")
    return res


def gen_sign(username, password, device):
    rdev = frida.get_remote_device()
    session = rdev.attach("大姨妈")
    scr = """
    rpc.exports = {   
        sign:function(j2,str,j3){
             var res;

             Java.perform(function () {

                // 包.类
                var Crypt = Java.use("com.yoloho.libcore.util.Crypt");

                // 类中的方法
                res = Crypt.encrypt_data(j2,str,j3);
             });

             return res;
        }
    }
    """
    script = session.create_script(scr)
    script.load()

    pwd = gen_crype_password(password)

    sign = script.exports.sign(0,
                               f"{device}user/login{username}{pwd}",
                               85)
    print(sign)
    return pwd, sign


def run():
    Query_String = gen_Query()
    pwd, sign = gen_sign(USERNAME, PASSWORD, DEVICE)
    data = {
        "username": USERNAME,
        "password": pwd,
        "sign": sign,
        "androidid": androidid,
        "mac": quote_plus(wifi_mac),
        "imei": "",
        "density": "3.5",
        "brand": "google"
    }
    res = requests.post(
        url="https://uicapi.yoloho.com/user/login?{}".format(Query_String),
        data=data,
        headers={
            "User-Agent": "Mozilla/5.0 (Linux; Android 10; Pixel 2 XL Build/QQ3A.200805.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.186 Mobile Safari/537.36"
        }
    )
    print(res.text)


if __name__ == '__main__':
    run()
